CVE-2025-68118 | FreeRDP up to 3.19.x on Windows Remote Desktop Protocol freerdp_certificate_data_hash Hostname out-of-bounds (GHSA-h78c-5cjx-jw6x)

A vulnerability, which was classified as problematic, was found in FreeRDP up to 3.19.x on Windows. Affected is the function freerdp_certificate_data_hash of the component Remote Desktop Protocol. Such manipulation of the argument Hostname leads to out-of-bounds read.

This vulnerability is traded as CVE-2025-68118. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More